CVE-2026-56279

Capgo · Capgo

A missing authorization vulnerability in Capgo allows unauthenticated attackers to perform unauthorized actions via the get-orgs-v7 RPC endpoint.

Executive summary

A critical missing authorization flaw in Capgo allows unauthenticated attackers to access sensitive organizational data, posing a significant risk of information disclosure.

Vulnerability

This vulnerability is caused by a missing authorization check (CWE-862) on the get-orgs-v7 RPC endpoint. An unauthenticated attacker can exploit this to perform unauthorized actions against the application.

Business impact

The vulnerability carries a CVSS score of 7.5, reflecting a high risk of unauthorized data access. Successful exploitation could lead to the exposure of sensitive organizational information, potentially resulting in data breaches, loss of operational privacy, and reputational damage.

Remediation

Immediate Action: Update Capgo to version 12.128.2 or later to apply the necessary authorization controls.

Proactive Monitoring: Monitor RPC endpoint traffic for unusual request patterns or high volumes of unauthorized access attempts.

Compensating Controls: Implement strict network access controls (ACLs) to limit exposure of the RPC interface to trusted internal segments only.

Exploitation status

Public Exploit Available: No

Analyst recommendation

Given the high severity of this missing authorization vulnerability and the existence of a proof-of-concept, immediate remediation is required. Organizations utilizing Capgo must prioritize upgrading to version 12.128.2 or later to neutralize the risk of unauthorized data access.